Closed Bug 872125 Opened 11 years ago Closed 10 years ago

Encrypted Media Extensions

Categories

(Internet Public Policy :: General, task, P1)

Product:
Internet Public Policy
Component:
General
Platform:
All
Other
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: nick, Unassigned)

Details

:: Internet Public Policy Issue

Region/Country: All

:: Description

The W3C has published a draft of a proposal for Encrypted Media Extensions, hereby referred to as EME, for the standardization process.  EME is a facilitator to Digital Rights Management, hereby referred to as DRM.

:: Relevance

Microsoft and Google are working with Netflix to provide protected content on the web without plugins that are an additional step that hurt adoption rates of content providing services.  By shipping browsers with Content Decryption Modules such as PlayReady and Widevine, they will have exclusive access to content from companies like Netflix.  Many other content providers look to Netflix, and are interested in ready made solutions.

Goal: Take a stance on EME, for or against
When: Before EME becomes a Candidate Recommendation

:: Additional Information

Henri Sivonen and Brendan Eich have much more information and insight into this issue.

Here are some relevant links:

EME W3C First Public Working Draft:
http://www.w3.org/TR/encrypted-media/

Microsoft PlayReady DRM CDM:
http://www.microsoft.com/playready/

Google Widevine DRM CDM:
http://www.widevine.com/

"Today I Saw the Future" ~Brendan Eich, blog post about watermarking, an alternative to DRM:
https://brendaneich.com/2013/05/today-i-saw-the-future/

"Tell the W3C We Don't Want HollyWeb" campaign by the Fress Software Foundation:
http://www.defectivebydesign.org/no-drm-in-html5
I don't want this in Firefox, It's DRM.
(In reply to thepouar from comment #1)
> I don't want this in Firefox, It's DRM.

For future viewers of this bug, please refrain from making subjective statements.
It's important to provide only facts around the pros and cons.

The W3C abstract, linked in the bugs description, defines EME as "APIs to control playback of protected content" and "facilitating the development of robust playback applications supporting a range of content decryption and protection technologies."  It itself does not describe a DRM CDM implementation.

New developments:
https://www.eff.org/press/releases/eff-makes-formal-objection-drm-html5
https://www.eff.org/pages/drm/w3c-formal-objection-html-wg
https://www.eff.org/deeplinks/2013/05/eff-joins-w3c-fight-drm
(In reply to Nick Desaulniers [:\n] from comment #0)
> Henri Sivonen and Brendan Eich have much more information and insight into
> this issue.

CCing accordingly.
(In reply to Nick Desaulniers [:\n] from comment #2)
> (In reply to thepouar from comment #1)
> > I don't want this in Firefox, It's DRM.
> 
> For future viewers of this bug, please refrain from making subjective
> statements.
> It's important to provide only facts around the pros and cons.

Out of interest, how is Mozilla's stance going to be decided in the absence of subjective statements?  What are the criteria governing the decision and who is going to make it?  Is this not, perhaps, something that should be thrown to a community poll given that - as far as I can see - the biggest arguments against this technology are idealogical, and therefore inherently subjective?
Goal: Take a stance on EME, for or against
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Well, if those are our choices, our stance is "against" :-) But yes, we are implementing it. :-|

Gerv
(In reply to Gervase Markham [:gerv] from comment #7)
> Well, if those are our choices, our stance is "against" :-) But yes, we are
> implementing it. :-|
> 
> Gerv

Erm... how is that not a complete contradiction?
Very easily. There are two bad options; this one is less bad than the other. But being less bad than the other doesn't mean it's good, or we like doing it. We'd prefer DRM and EME didn't exist. But they do.

Gerv
Mozilla should be commended for being as fair to users as they can in the circumstances.

That said, I would only be comfortable with EME if users were clearly notified what the limitations are to accessing the content, both first time and as an icon in the address bar detailing what the restrictions are; that Mozilla is a third-party, not responsible for Adobe's DRM, and that Mozilla does not endorse DRM as a philosophy; and that when installed on their device, users can limit when the DRM can run: for example, being able to remove ID associated with the site (as with cookies), or whitelisting sites that can run the DRM to be more secure. It would concern me if the DRM were running on sites for reasons other than just playing media, such as identifying users without their knowledge or consent.

Mozilla should ask Adobe to offer an indemnity to anyone who attempts to circumvent the DRM, as the risk of a 'digital underground' where websites claim they can bypass the DRM if you install their software, and then install malware instead, is high.

Mozilla should also ensure that the source code of Adobe's DRM is vetted on a non-disclosure basis to select Mozilla employees, who are able to say "No" to an update if it is not fully clear what the code does, or attempts to disrupt a user's experience beyond basic copying of media. They should also be able to say if they are unhappy with current or future changes without fear of retribution.

It should also be clear exactly what the restrictions the DRM can impose on a user are, before they install it. If an update attempts to add additional restrictions, it must warn the user before installing. Mozilla should also state what they will never allow the DRM to do, so that users don't have to keep an eye over their shoulder, and to reduce the chance of feature creep.

Some of this may already be in place, or is planned. It's best to be as clear and open as possible about this, as limited DRM, such as with Steam, can be effective without being overly restrictive. But there should be safeguards to ensure that the user is informed and protected, especially when Mozilla is not the author of the DRM.
(In reply to Elbart from comment #5)
> So Long, and Thanks for All the Fish:
> 
> https://blog.mozilla.org/blog/2014/05/14/drm-and-the-challenge-of-serving-
> users/
> https://hacks.mozilla.org/2014/05/reconciling-mozillas-mission-and-w3c-eme/

Even though I support EME in Firefox, I created a BugZilla account just now for the sole purpose of telling you what a awesome turn a phrase that was.. Well done.. :)
Personally, and as a developer, I am against DRM in theory AND in practice.

As a user, I just want to watch Netflix in Firefox, without having to jump through hoops.  I want it to just "work".

I am in favor of implementing it with a whitelist option... make people make a conscious decision to use it, rather than it just always being on.
(In reply to Jamie.Cooper from comment #12)
> Personally, and as a developer, I am against DRM in theory AND in practice.
> 
> As a user, I just want to watch Netflix in Firefox, without having to jump
> through hoops.  I want it to just "work".
> 
> I am in favor of implementing it with a whitelist option... make people make
> a conscious decision to use it, rather than it just always being on.

Wow... I never expected to get any replies again from this very old thread.
Now that most browsers support EME (Encrypted Media extensions, I am glad that Netflix runs right out of the box on Linux)

Speaking now a year later as someone who has dealt with intellectual property theft, (different I know), but I will say it's not a fun day for a content provider to see people taking months and months of work and just passing it around, and not getting any kind of credit in many cases and getting robbed of funds to make more cool stuff. And some people even pass things off as there own creation or do God knows what to your art.

And when major studios get involved, Netflix is VERY liable, and though DRM isn't perfect it would be far to easy to snag standard HTML5 video I think, so Netflix understandably if it doesn't want to risk a huge class action is smart to require DRM, and Firefox is smart to lead the charge for hassle free implementation.
It seems to me that what this system is begging for is micro-payments.  A user deposits a few bucks with paypal or preferably, some other less-retro-capitalist online banker, and the user gets charged a penny or two for viewing a video.  Said online banker would have low-cost money-transfer agreements with youtube, Netflix, Comcast, PBS, etc.  The online banker would aggregate payments to the big and small content suppliers monthly.  The end-user puts 10 bucks into their account and is charged a few cents for viewing a video.  If there was a single deep-pocketed liberal to fund the infrastructure for this, the content providers could make money based on views, rather than coercing them to use certain browsers where all a user's personal information is forfeited to over-funded corporations that make money by selling users' personal data and viewing habits.  Let people pay businesses a few cents per view in exchange for their personal freedom to learn and explore.  If you want to use a person's data for capital gain, then each person should be paid for the data that adds to a corporate bottom line.  I just want to offer this as a possible approach to fairness.  The actors in Office Space had a "scam" to take a fraction of a cent from each transaction that the bank processed, in order to set them up for life.  Corporations need to to consider how lucrative a fraction of a cent from billions of users would be if micro-payments were available.  The populace needs to consider how lucrative this system would be to their personal freedom.
You need to log in before you can comment on or make changes to this bug.